d633586fbf00b9bceea1084cbc17d91a_JaffaCakes118 | Triage

Sharing

General

Target

d633586fbf00b9bceea1084cbc17d91a_JaffaCakes118
Size

388KB
MD5

d633586fbf00b9bceea1084cbc17d91a
SHA1

76d0adf915d253dbb1ebd66165fa34706214f593
SHA256

03a8b4453295b704d28577c4e879cd0a2f607f4d47a7e4f1f43609b815446329
SHA512

a44846c18a58f59a06b584c60ff08d3c6d0a655194f8a306e76453435384424be107d2a2e91a42fa9846b51d5c521d5c2187dfec3fd859d8268a82f54f6e18e4
SSDEEP

6144:XHxw8+24fIfMLAXW3fUECXurS415a+9pExsk5xhP/j9phNYyk3plZKaFPECdf:XHp4fN0EaQS41Exsk5/Bphi/tFFf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d633586fbf00b9bceea1084cbc17d91a_JaffaCakes118

Files

d633586fbf00b9bceea1084cbc17d91a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ca72a332e9578bb0e849154a62fa244

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
CloseHandle
ExitProcess
LCMapStringA
GetCurrentProcess
CreateFileA

user32

CloseWindow
CharLowerBuffA
SetWindowLongA
wsprintfA
CreateWindowExA

advapi32

RegCreateKeyA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegSetValueA
RegEnumValueA
RegCloseKey
RegDeleteValueA
RegQueryValueA

Sections

.text
Size: 366KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ